<?php

/**
 * Controller is the customized base controller class.
 * All controller classes for this application should extend from this base class.
 */
class Controller extends CController
{
    /**
     * @var string the default layout for the controller view. Defaults to '//layouts/main',
     * meaning using a single column layout. See 'protected/views/layouts/main.php'.
     */
    public $layout = '//layouts/main';
    /**
     * @var array context menu items. This property will be assigned to {@link CMenu::items}.
     */
    public $menu = array();
    /**
     * @var array the breadcrumbs of the current page. The value of this property will
     * be assigned to {@link CBreadcrumbs::links}. Please refer to {@link CBreadcrumbs::links}
     * for more details on how to specify this property.
     */
    public $breadcrumbs = array();

    public function init()
    {
        parent::init();
        $isAdmin = false;
        if (!Yii::app()->user->isGuest) {
            $isAdmin = Yii::app()->user->isAdmin();
        }
        if (!$isAdmin) {
            $route = $this->getRoute();
            if(strpos($route,'api/') === 0)
            {
                return;
            }
            $opUserPermissions = Permission::getOpUserPermissions();
            if (!isset($opUserPermissions[$route])) {
                if (Yii::app()->user->isLogin()) {
                    if (Yii::app()->request->getIsAjaxRequest()) {
                        echo 'Permission Deny';
                        exit();
                    } else {
                        $menuActions = array();
                        foreach ($opUserPermissions as $action => $opUserPermission) {
                            if (!empty($opUserPermission['type']) && ($opUserPermission['type'] == Permission::TYPE_MENU)) {
                                $menuActions[] = $action;
                            }
                        }
                        $redirectAction = array_shift($menuActions);
                        if (empty($redirectAction)) {
                            Yii::log(json_encode($opUserPermissions),CLogger::LEVEL_ERROR,'Controller');
                            throw new CHttpException(403, 'Permission Deny');
                        }
                        Yii::app()->user->setFlash('alert-failure', 'Permission Denied');
                        $this->redirect(Yii::app()->createUrl($redirectAction));
                    }
                } else {
                    Yii::app()->user->loginRequired();
                }
            } else {
                $permission = $opUserPermissions[$route];
                if (!empty($permission['type']) && !in_array($permission['type'], array(Permission::TYPE_API))) {
                    Yii::app()->getComponent('bootstrap');
                }
            }
        }else{
            Yii::app()->getComponent('bootstrap');
        }
    }

    public function getRoute()
    {
        $route = Yii::app()->urlManager->parseUrl(Yii::app()->request);
        $c_id = Yii::app()->controller->getId();
        if ($route == '') {
            $route = $c_id;
        }
        $last = strrchr($route, $c_id);
        if ($last && ($last == $c_id)) {
            $route .= '/' . Yii::app()->controller->defaultAction;
        }
        return $route;
    }

    public function getQueryData($type, $name, $default = null, $valueType = 'string')
    {
        if ($type == 'post' && isset($_POST[$name]))
            $value = $_POST[$name];
        else if ($type == 'get' && isset($_GET[$name]))
            $value = $_GET[$name];
        else
            $value = null;

        if ($value !== null) {
            if ($valueType == 'int') {
                if (!is_numeric($value))
                    $value = null;
            } else if ($valueType == 'float') {
                if (!is_numeric($value))
                    $value = null;
            } else if ($valueType == 'datetime') {
                if (!strtotime($value))
                    $value = null;
            } else {
                if (get_magic_quotes_gpc()) {
                    $value = stripslashes($value);
                }
                $con = mysqli_connect('localhost', DB_USERNAME, DB_PASSWORD);
                $value = mysqli_real_escape_string($con, $value);
            }
        }

        if ($default !== null && $value === null) {
            $value = $default;
        }

        return $value;
    }

    public function getQuery($method, $name, $default = null)
    {
        $value = $default;
        switch ($method) {
            case 'post':
            case 'p':
                $value = isset($_POST[$name]) ? $_POST[$name] : $value;
                break;
            case 'get':
            case 'g':
                $value = isset($_GET[$name]) ? $_GET[$name] : $value;
                break;
            case 'pg':
                $value = isset($_POST[$name]) ? $_POST[$name] : (isset($_GET[$name]) ? $_GET[$name] : $value);
                break;
            case 'gp':
            default:
                $value = isset($_GET[$name]) ? $_GET[$name] : (isset($_POST[$name]) ? $_POST[$name] : $value);
                break;
        }
        return $value;
    }
}